Security



Coinium takes a comprehensive approach to security. Our security experts have built in a number of sophisticated measures to prevent the theft of money or information. Theft isn't the only threat of course. It's also essential that a professional exchange offer financial stability, with full reserves, healthy banking relationships and the highest standards of legal compliance.

Described below are just some of our security practices. The list is not complete — you can be assured that our security measures go well beyond what we're willing to make public.

Coin Storage

  • All new deposits go directly to cold wallets, with complete air-gap isolation from any online system.
  • The vast majority of coins are stored in cold wallets, with complete air-gap isolation from any online system.
  • A limited number of coins are stored in semi-cold wallets, on protected machines with locked drives.
  • Only the coins that are needed to maintain operational liquidity are stored in hot (online) wallets.
  • All wallets are encrypted.

User Account Security

  • Protection against leakage of user information: login or password recovery attempts will not reveal any account information, including the existence of an account.
  • All sensitive account information, is encrypted and access to multiple highly secure systems is required to decrypt it.
  • Global settings lock that can be enabled to prevent tampering of user account information, including withdrawal addresses, by an attacker who has gained access to the account.

Server Security

  • Our servers reside in locked racks, in a locked private cage, inside a top-tier professional data center: this means armed guards, video surveillance, retina scans, the works.
  • Data is encrypted wherever possible, and systems are both redundant and isolated from one another.
  • Data is replicated in real time and backed up on a daily basis.
  • Our staff has been thoroughly reviewed, and multiple sign-offs are required for anything remotely sensitive.

Financial Security

  • We maintain full reserves — a "bank run" is an impossibility.
  • Customer funds reside in a bank account separate from our operations account, and fees are transferred on a daily basis.
  • We have solid relations with our bank, and an agreement is in place allowing us to wind down our account in an orderly fashion, should our relationship ever come to an end.
  • We are pursuing multiple banking partnerships to build in some financial redundancy — so that even should the above situation come to pass, our daily operations will not be interrupted.

Legal Compliance

  • Bitcoin's legal status is still being defined, but we takes a highly proactive and informed approach to ensuring legal compliance.
  • Our approach is to operate conservatively, entirely within the bounds of current law, and to constantly monitor regulatory developments so that we can anticipate changes before they occur.
  • Our compliance measures are designed by a five-member team of legal advisors, including a full-time General Counsel who is responsible for constantly evaluating our legal stance in the face of regulatory developments.